Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

mailqueue

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-1323
Assigner-f4fb688c-4412-4426-b4b8-421ecf27b14a
ShareView Details
Assigner-f4fb688c-4412-4426-b4b8-421ecf27b14a
CVSS Score-5.2||MEDIUM
EPSS-0.12% / 30.04%
||
7 Day CHG+0.09%
Published-17 Mar, 2026 | 08:33
Updated-25 Apr, 2026 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure Deserialization in extension "Mailqueue" (mailqueue)

The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at $GLOBALS['TYPO3_CONF_VARS']['MAIL']['transport_spool_filepath'].

Action-Not Available
Vendor-cps-itTYPO3 Association
Product-mailqueueExtension "Mailqueue"
CWE ID-CWE-502
Deserialization of Untrusted Data